Below the Surface (Audio) - The Supply Chain Security Podcast Hardware Hacking Tips & Tricks - BTS #48
16 snips
Apr 7, 2025 Explore the intriguing world of hardware hacking with insights on powerful devices like the Flipper Zero and ESP32. Discover their practical applications, from RFID to Wi-Fi attacks, and learn how these tools influence the hacking community. The hosts uncover vulnerabilities in hotel security systems and the challenges posed by legacy systems. They also highlight the importance of validating firmware in supply chains and discuss the implications of secure boot complexities. Join the conversation as hardware hacking reshapes the cybersecurity landscape!
AI Snips
Chapters
Transcript
Episode notes
Delay Exploit Releases When Public Safety Is At Risk
- Do not publish exploits for widely deployed systems (like hotel locks) until remediation is feasible because release may endanger people.
- Prioritize coordinated disclosure and consider the operational difficulty of patching physical devices.
Legacy Hardware Creates Long-Term Risk
- Legacy physical systems are costly and slow to remediate, making them persistent enterprise risks even after vulnerabilities are known.
- The same supply-chain and remediation challenges in hotels apply to critical infrastructure and OT environments.
How Some Cars Were Stolen Without Immobilizers
- Paul recounts car theft research and explains many vehicle-theft methods don't rely on a Flipper Zero but on relay attacks and missing immobilizers.
- He describes the Kia/Hyundai case where no immobilizer allowed cars to be started with a USB cable after gaining access.